Legal claims defining the scope of protection, as filed with the USPTO.
1. A computer implemented method for securing a log of one or more event records by adding tamper resistance to the log, the method comprising: generating, by a processor, a first event record in response to an event being performed by the computer; generating, by the processor, a first tamper resistance record in response to the first event record being generated, wherein the first tamper resistance record comprises: a first signature that is created based at least in part on the first event record; and a second signature that is created based at least in part on the first event record and the first signature; storing the first event record and the first tamper resistance record in the log; in response to a request to detect tampering of the first event record, validating the first event record based on the first signature and the second signature in the first tamper resistance record; generating, by the processor, a second event record in response to a second event being performed by the computer, the second event occurring after the first tamper resistance record is generated; generating, by the processor, a second tamper resistance record in response to the second event record being generated, wherein the second tamper resistance record comprises: a third signature that is created based at least in part on the second event record, wherein the third signature is created based at least in part on the second event record and at least part of the first tamper resistance record; and a fourth signature that is created based at least in part on the second event record, wherein the first signature and the third signature are created using the same cryptographic function and the second signature and the fourth signature are created using the same cryptographic function; and in response to a request to detect tampering of the second event record, validating the second event record based on the third signature and the fourth signature in the second tamper resistance record.
2. The computer implemented method of claim 1, wherein the first tamper resistance record further comprises an identification of a type of cryptographic function used in creating the first signature and the second signature.
3. The computer implemented method of claim 1, wherein the first tamper resistance record further comprises a spatial reference of the first event record, the spatial reference identifying the first event record.
4. The computer implemented method of claim 3, wherein the second signature is created based at least in part on the first event record, the spatial reference of the first event record and the first signature.
5. The computer implemented method of claim 1, wherein the fourth signature is created based at least in part on the second event record, the third signature and at least part of the first tamper resistance record.
6. The computer implemented method of claim 1, wherein the first signature and the second signature are created using different cryptographic function.
7. A system, comprising: a memory; and a hardware processor; wherein the hardware processor is configured to: generate a first event record in response to an event being performed by the computer; generate a first tamper resistance record in response to the first event record being generated, wherein the first tamper resistance record comprises: a first signature that is created based at least in part on the first event record; and a second signature that is created based at least in part on the first event record and the first signature; store the first event record and the first tamper resistance record in a log of one or more event records; and in response to a request to detect tampering of the first event record, validate the first event record based on the first signature and the second signature in the first tamper resistance record; generate a second event record in response to a second event being performed by the computer, the second event occurring after the first tamper resistance record is generated; generate a second tamper resistance record in response to the second event record being generated, wherein the second tamper resistance record comprises: a third signature that is created based at least in part on the second event record, wherein the third signature is created based at least in part on the second event record and at least part of the first tamper resistance record; and a fourth signature that is created based at least in part on the second event record, wherein the first signature and the third signature are created using the same cryptographic function and the second signature and the fourth signature are created using the same cryptographic function; and in response to a request to detect tampering of the second event record, validate the second event record based on the third signature and the fourth signature in the second tamper resistance record.
8. The system of claim 7, wherein the first tamper resistance record further comprises an identification of a type of cryptographic function used in creating the first signature and the second signature.
9. The system of claim 7, wherein the first tamper resistance record further comprises a spatial reference of the first event record, the spatial reference identifying the first event record.
10. The system of claim 9, wherein the second signature is created based at least in part on the first event record, the spatial reference of the first event record and the first signature.
11. The system of claim 7, wherein the fourth signature is created based at least in part on the second event record, the third signature and at least part of the first tamper resistance record.
12. The system of claim 7, wherein the first signature and the second signature are created using different cryptographic function.
13. A computer program product comprising a non-transitory computer readable storage medium having program instructions embodied therewith, the program instructions being executable by a processor to cause the processor to perform a method comprising: generating a first event record in response to an event being performed by the computer; generating a first tamper resistance record in response to the first event record being generated, wherein the first tamper resistance record comprises: a first signature that is created based at least in part on the first event record; and a second signature that is created based at least in part on the first event record and the first signature; storing the first event record and the first tamper resistance record in a log of one or more event records; and in response to a request to detect tampering of the first event record, validating the first event record based on the first signature and the second signature in the first tamper resistance record; generating, by the processor, a second event record in response to a second event being performed by the computer, the second event occurring after the first tamper resistance record is generated; generating, by the processor, a second tamper resistance record in response to the second event record being generated, wherein the second tamper resistance record comprises: a third signature that is created based at least in part on the second event record, wherein the third signature is created based at least in part on the second event record and at least part of the first tamper resistance record; and a fourth signature that is created based at least in part on the second event record, wherein the first signature and the third signature are created using the same cryptographic function and the second signature and the fourth signature are created using the same cryptographic function; and in response to a request to detect tampering of the second event record, validating the second event record based on the third signature and the fourth signature in the second tamper resistance record.
14. The computer program product of claim 13, wherein the first tamper resistance record further comprises an identification of a type of cryptographic function used in creating the first signature and the second signature.
15. The computer program product of claim 13, wherein the first tamper resistance record further comprises a spatial reference of the first event record, the spatial reference identifying a first event record.
16. The computer program product of claim 15, wherein the second signature is created based at least in part on the first event record, the spatial reference of the first event record and the first signature.
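An added sketch, not taken from the patent or any implementation of it, of the scheme in claims 1 to 6: each event gets a tamper resistance record holding two signatures from different functions, the second covering the event, its reference and the first signature, and both chained to the previous record. The HMAC functions, keys, field names and the use of the list index as the "spatial reference" are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumed for this sketch (not in the claims): keys, function choice, field names.
FUNCS = {"hmac-sha256": (b"constructed-key-1", hashlib.sha256),
         "hmac-sha512": (b"constructed-key-2", hashlib.sha512)}
F1, F2 = "hmac-sha256", "hmac-sha512"  # two different functions, as in claim 6

def _sign(func, *parts):
    key, digest = FUNCS[func]
    mac = hmac.new(key, digestmod=digest)
    for part in parts:
        data = str(part).encode()
        mac.update(len(data).to_bytes(4, "big") + data)  # length-prefix each field
    return mac.hexdigest()

def _signatures(event, ref, prev_sig2):
    sig1 = _sign(F1, event, prev_sig2)             # event + part of previous record
    sig2 = _sign(F2, event, ref, sig1, prev_sig2)  # event + reference + sig1 + previous
    return sig1, sig2

def append_event(log, event):
    """Store the event together with its tamper resistance record (trr)."""
    ref = len(log)
    prev = log[-1]["trr"]["sig2"] if log else ""
    sig1, sig2 = _signatures(event, ref, prev)
    log.append({"event": event,
                "trr": {"funcs": [F1, F2], "ref": ref, "sig1": sig1, "sig2": sig2}})

def first_tampered(log):
    """Return the index of the first entry that fails validation, or None."""
    prev = ""
    for i, entry in enumerate(log):
        trr = entry["trr"]
        sig1, sig2 = _signatures(entry["event"], i, prev)
        ok = (trr["funcs"] == [F1, F2] and trr["ref"] == i
              and hmac.compare_digest(trr["sig1"], sig1)
              and hmac.compare_digest(trr["sig2"], sig2))
        if not ok:
            return i
        prev = trr["sig2"]
    return None

def demo():
    log = []
    for event in ("login alice", "sudo alice", "logout alice"):  # constructed events
        append_event(log, event)
    return log
```

In this sketch an edited event or a record removed from the middle fails validation at that position, while records dropped from the end of the log still validate, so the latest signature has to be anchored somewhere outside the log to catch truncation.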
April 5, 2022